Generates SBOM after source files are updated with release tag (#680)
* update source file with release version info before SBOM generation
* delete tag branch during cleanup
diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml
index 3bf820a..426d8f0 100644
--- a/.github/workflows/auto-release.yml
+++ b/.github/workflows/auto-release.yml
@@ -25,7 +25,6 @@
- name: Tool Setup
uses: actions/setup-python@v2
with:
- python-version: 3.7.10
architecture: x64
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -51,7 +50,18 @@
- name: create a new branch that references commit id
working-directory: ./local_kernel
- run: git checkout -b ${{ github.event.inputs.version_number }} ${{ github.event.inputs.commit_id }}
+ run: |
+ git checkout -b ${{ github.event.inputs.version_number }} ${{ github.event.inputs.commit_id }}
+ echo "COMMIT_SHA_1=$(git rev-parse HEAD)" >> $GITHUB_ENV
+
+ - name: Update source files with version info
+ run: |
+ # Install deps and run
+ pip install -r ./tools/.github/scripts/release-requirements.txt
+ ./tools/.github/scripts/update_src_version.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit=${{ env.COMMIT_SHA_1 }} --new-kernel-version=${{ github.event.inputs.version_number }} --new-kernel-main-br-version=${{ github.event.inputs.main_br_version }}
+ exit $?
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Generate SBOM
uses: FreeRTOS/CI-CD-Github-Actions/sbom-generator@main
@@ -65,13 +75,19 @@
git add .
git commit -m 'Update SBOM'
git push -u origin ${{ github.event.inputs.version_number }}
- echo "COMMIT_SHA=$(git rev-parse HEAD)" >> $GITHUB_ENV
+ echo "COMMIT_SHA_2=$(git rev-parse HEAD)" >> $GITHUB_ENV
- name: Release
run: |
# Install deps and run
pip install -r ./tools/.github/scripts/release-requirements.txt
- ./tools/.github/scripts/release.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit=${{ env.COMMIT_SHA }} --new-kernel-version=${{ github.event.inputs.version_number }} --new-kernel-main-br-version=${{ github.event.inputs.main_br_version }}
+ ./tools/.github/scripts/release.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit=${{ env.COMMIT_SHA_2 }} --new-kernel-version=${{ github.event.inputs.version_number }} --new-kernel-main-br-version=${{ github.event.inputs.main_br_version }}
exit $?
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Cleanup
+ working-directory: ./local_kernel
+ run: |
+ # Delete the branch created for Tag by SBOM generator
+ git push -u origin --delete ${{ github.event.inputs.version_number }}